Get KYC validation media
Session-based validation
Get KYC validation media
Download document images, portrait, liveness video, and other assets stored for a session-based KYC validation — in the gu1 KYC API for identity verification.
GET
Get KYC validation media
Overview
After a session-based KYC validation finishes (for example approved), media references appear insidedecision on GET /api/kyc/validations/:id (document images, portrait, liveness video, nested images, etc.).
Current format: each reference is usually a kyc/... key (a path string). Download bytes with the media endpoint below and your API key.
Decision shape: feature results appear as both singular objects and one-element arrays (for example id_verification and id_verifications[0]). Image fields may exist on either shape; Gu1 keeps them in sync. See KYC webhook events for a full decision example.
Older rows: some validations still have HTTPS URLs in decision (short-lived links from the verification flow). Use those URLs directly (for example in an <img> or a server-side fetch) while they remain valid. They are not passed to GET .../media?key= — that parameter is only for kyc/... keys.
This page applies to full session KYC (global_gueno_validation_kyc). Face Match and ID Verification use other endpoints (see Face Match / ID Verification in the sidebar).
Older Validations (HTTPS Links vs. kyc/... Keys)
- No data is deleted: existing API responses stay valid JSON; behavior depends on what each string contains.
- Keys (
kyc/...): useGET /api/kyc/validations/:id/mediawithkeyURL-encoded. Access is scoped to your organization and that validation. - HTTPS strings: your app should treat them like normal temporary asset URLs until they expire. The API may replace them with
kyc/...keys on a later sync with the verification provider (webhook or sync), as long as the hosted link can still be fetched. - If a link has already expired before migration, that field may stay as a dead URL until a new sync supplies fresh links or Gu1 support runs an internal media repair for your organization.
Request
Endpoint
Headers
Authorization:Bearer YOUR_API_KEY(required)
Query Parameters
| Parameter | Required | Description |
|---|---|---|
key | Yes | The storage key string from decision. URL-encode the value (slashes become %2F). |
Permissions
Your API key must be allowed to read KYC (kyc:read when the key uses granular permissions; otherwise the key follows the owner user’s role, with legacy fallback where applicable—same as GET /api/kyc/validations/:id).
Response
Raw file bytes.Content-Type reflects the asset (e.g. image/jpeg, video/webm).
Example
encodeURIComponent(key) so every / in the key is encoded.
Related
- Create KYC validation — start the flow and obtain
validationId - Check validation status — poll until
decisionis populated